More Resources

Malware Targets U.S. Military Computers

Pentagon officials acknowledged that the malware known as Agent.btz recently
affected some Defense Department systems. Although it has been in circulation
for several months, the malware had not yet been known to penetrate military
networks.

The incident has left DOD officials scrambling to clean infected systems, institute
new policy and security measures to thwart future incidents, and perform forensics
to discover the source of the attack.

The issue was serious enough to prompt Adm. Mike Mullen, chairman of the Joint
Chiefs of Staff, to brief President Bush and Defense Secretary Robert Gates
last week on the incident.

DOD has not provided many details on the extent of the incident or whether
the malware could have harmed systems that are critical to national security.
Reports have indicated that the malware infected Central Command computers used
by U.S. forces in Iraq and Afghanistan. According to one report, nearly three-quarters
of the computers at the largest U.S. military base in Afghanistan were affected.
Other computers and networks were apparently affected as well.

Pentagon officials responded by implementing a policy that prohibits the use
of most types of portable data-storage media on government computers, particularly
USB-based thumb or flash drives, memory sticks, and camera flash memory cards.
Malware, viruses and other attack software can propagate via the thumb drives
from one machine to another.

Although warranted, the policy creates a hardship for warfighters in the field,
who often carry critical data on flash drives in areas in which conditions do
not allow for reliable wireless computer communications. The new policy makes
it more difficult to share information within a war theater.

Implementing such a policy requires a combination of technical measures and
education. Whether state-sponsored or otherwise, hackers who use malware, viruses
and other methods to shut down computers, compromise data or steal information
frequently target military computers and networks.

The Agent.btz malware is a variation of a worm that surfaced in 2005, but the
latest iteration appears to have been designed specifically to target military
networks.